Merge pull request #164 from QU35T-code/fix/bugs

Fix/bugs - Discord Tickets
ThePorgs · Jun 7, 2023 · 7ed7576 · 7ed7576
2 parents 6e48d35 + 2efe130
commit 7ed7576
Show file tree

Hide file tree

Showing 11 changed files with 47 additions and 18 deletions.
diff --git a/sources/assets/zsh/aliases.d/checksec b/sources/assets/zsh/aliases.d/checksec
@@ -0,0 +1 @@
+alias checksec='/opt/tools/checksec.py/venv/bin/python3 -m checksec'
diff --git a/sources/assets/zsh/aliases.d/pth-tools b/sources/assets/zsh/aliases.d/pth-tools
@@ -4,4 +4,4 @@ alias pth-smbclient='LD_LIBRARY_PATH="${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}/opt/
 alias pth-smbget='LD_LIBRARY_PATH="${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}/opt/tools/pth-toolkit/lib/:/opt/tools/pth-toolkit/lib/private/" /opt/tools/pth-toolkit/bin/smbget'
 alias pth-winexe='LD_LIBRARY_PATH="${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}/opt/tools/pth-toolkit/lib/:/opt/tools/pth-toolkit/lib/private/" /opt/tools/pth-toolkit/bin/winexe'
 alias pth-wmic='LD_LIBRARY_PATH="${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}/opt/tools/pth-toolkit/lib/:/opt/tools/pth-toolkit/lib/private/" /opt/tools/pth-toolkit/bin/wmic'
-alias pth-wmis='LD_LIBRARY_PATH="${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}/opt/tools/pth-toolkit/lib/:/opt/tools/pth-toolkit/lib/private/" /opt/tools/pth-toolkit/bin/wmis'
+alias pth-wmis='LD_LIBRARY_PATH="${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}/opt/tools/pth-toolkit/lib/:/opt/tools/pth-toolkit/lib/private/" /opt/tools/pth-toolkit/bin/wmis'
diff --git a/sources/assets/zsh/history.d/checksec b/sources/assets/zsh/history.d/checksec
@@ -0,0 +1 @@
+checksec binary.bin
diff --git a/sources/assets/zsh/history.d/objectwalker b/sources/assets/zsh/history.d/objectwalker
@@ -0,0 +1 @@
+objectwalker -m jinja2 --filter-module os --max-depth 15
diff --git a/sources/assets/zsh/history.d/sliver b/sources/assets/zsh/history.d/sliver
@@ -0,0 +1,2 @@
+sliver-server
+sliver-client
diff --git a/sources/install/package_ad.sh b/sources/install/package_ad.sh
@@ -4,20 +4,23 @@
 source common.sh
 
 function install_ad_apt_tools() {
-    fapt samdump2 smbclient onesixtyone nbtscan
+    fapt samdump2 smbclient onesixtyone nbtscan ldap-utils
 
     add-history smbclient
     add-history onesixtyone
+    add-history ldapsearch
 
-    add-test-command "samdump2 -h|& grep 'enable debugging'" # Dumps Windows 2k/NT/XP/Vista password hashes
-    add-test-command "smbclient --help"                      # Small dynamic library that allows iOS apps to access SMB/CIFS file servers
-    add-test-command "onesixtyone 127.0.0.1 public"          # SNMP scanning
-    add-test-command "nbtscan 127.0.0.1"                     # NetBIOS scanning tool
+    add-test-command "samdump2 -h|& grep 'enable debugging'"        # Dumps Windows 2k/NT/XP/Vista password hashes
+    add-test-command "smbclient --help"                             # Small dynamic library that allows iOS apps to access SMB/CIFS file servers
+    add-test-command "onesixtyone 127.0.0.1 public"                 # SNMP scanning
+    add-test-command "nbtscan 127.0.0.1"                            # NetBIOS scanning tool
+    add-test-command "ldapsearch --help|& grep 'Search options'"    # Perform queries on a LDAP server
 
     add-to-list "samdump2,https://github.com/azan121468/SAMdump2,A tool to dump Windows NT/2k/XP/Vista password hashes from SAM files"
     add-to-list "smbclient,https://github.com/samba-team/samba,SMBclient is a command-line utility that allows you to access Windows shared resources"
     add-to-list "onesixtyone,https://github.com/trailofbits/onesixtyone,onesixtyone is an SNMP scanner which utilizes a sweep technique to achieve very high performance."
     add-to-list "nbtscan,https://github.com/charlesroelli/nbtscan,NBTscan is a program for scanning IP networks for NetBIOS name information."
+    add-to-list "ldapsearch,https://wiki.debian.org/LDAP/LDAPUtils,Search for and display entries (ldap)"
 }
 
 function install_responder() {
@@ -420,8 +423,9 @@ function install_pth-tools() {
     colorecho "Installing pth-tools"
     if [[ $(uname -m) = 'x86_64' ]]
     then
-        fapt libreadline8 && ln -s /usr/lib/x86_64-linux-gnu/libreadline.so /usr/lib/x86_64-linux-gnu/libreadline.so.6
+        fapt libreadline8 libreadline-dev
         git -C /opt/tools clone --depth=1 https://github.com/byt3bl33d3r/pth-toolkit
+        ln -s /usr/lib/x86_64-linux-gnu/libreadline.so /opt/tools/pth-toolkit/lib/libreadline.so.6
         add-aliases pth-tools
         add-history pth-tools
         add-test-command "pth-net --version"

diff --git a/sources/install/package_base.sh b/sources/install/package_base.sh
@@ -202,7 +202,7 @@ function package_base() {
     less x11-apps net-tools vim nano jq iputils-ping iproute2 tidy mlocate libtool \
     dos2unix ftp sshpass telnet nfs-common ncat netcat-traditional socat rdate putty \
     screen p7zip-full p7zip-rar unrar xz-utils xsltproc parallel tree ruby ruby-dev bundler \
-    nim perl openjdk-17-jre openjdk-11-jre openjdk-11-jdk-headless openjdk-17-jdk-headless openvpn openresolv logrotate tmux tldr bat python3-pyftpdlib libxml2-utils \
+    nim perl openjdk-17-jre openjdk-11-jre openjdk-11-jdk-headless openjdk-17-jdk-headless openjdk-11-jdk openjdk-17-jdk openvpn openresolv logrotate tmux tldr bat python3-pyftpdlib libxml2-utils \
     virtualenv chromium libsasl2-dev python-dev libldap2-dev libssl-dev isc-dhcp-client
 
     fapt-history dnsutils samba ssh snmp faketime

diff --git a/sources/install/package_c2.sh b/sources/install/package_c2.sh
@@ -42,10 +42,11 @@ function install_routersploit() {
 
 function install_sliver() {
     colorecho "Installing Sliver"
-    git -C /opt/tools/ clone --depth=1 https://github.com/BishopFox/sliver.git
+    git -C /opt/tools/ clone https://github.com/BishopFox/sliver.git
     cd /opt/tools/sliver
     make
     cp sliver-* /opt/tools/bin
+    add-history sliver
     add-test-command "sliver-server help"
     add-test-command "sliver-client help"
 }

diff --git a/sources/install/package_misc.sh b/sources/install/package_misc.sh
@@ -4,19 +4,21 @@
 source common.sh
 
 function install_misc_apt_tools() {
-    fapt rlwrap exiftool imagemagick ascii
+    fapt rlwrap exiftool imagemagick ascii rsync
 
     add-history rlwrap
 
     add-test-command "rlwrap --version"                            # Reverse shell utility
     add-test-command "exiftool /usr/share/pixmaps/debian-logo.png" # Meta information reader/writer
     add-test-command "convert -version"                            # Copy, modify, and distribute image
     add-test-command "ascii -v"                                    # The ascii table in the shell
+    add-test-command "rsync -h"                                    # File synchronization tool for efficiently copying and updating data between local or remote locations.
 
     add-to-list "rlwrap,https://github.com/hanslub42/rlwrap,rlwrap is a small utility that wraps input and output streams of executables, making it possible to edit and re-run input history"
     add-to-list "exiftool,https://github.com/exiftool/exiftool,ExifTool is a Perl library and command-line tool for reading, writing and editing meta information in image, audio and video files."
     add-to-list "imagemagick,https://github.com/ImageMagick/ImageMagick,ImageMagick is a free and open-source image manipulation tool used to create, edit, compose, or convert bitmap images."
     add-to-list "ascii,https://github.com/moul/ascii,ASCII command-line tool to replace images with color-coded ASCII art."
+    add-to-list "rsync,https://packages.debian.org/sid/rsync,File synchronization tool for efficiently copying and updating data between local or remote locations"
 }
 
 function install_goshs() {
@@ -113,6 +115,14 @@ function install_ngrok() {
     add-to-list "ngrok,https://github.com/inconshreveable/ngrok,Expose a local server behind a NAT or firewall to the internet"
 }
 
+function install_objectwalker() {
+    colorecho "Installing objectwalker"
+    python3 -m pipx install git+https://github.com/p0dalirius/objectwalker
+    add-history objectwalker
+    add-test-command "objectwalker --help"
+    add-to-list "objectwalker,https://github.com/p0dalirius/objectwalker,A python module to explore the object tree to extract paths to interesting objects in memory."
+}
+
 # Package dedicated to offensive miscellaneous tools
 function package_misc() {
     set_go_env
@@ -125,6 +135,7 @@ function package_misc() {
     install_trilium         # notes taking tool
     install_ngrok           # expose a local development server to the Internet
     install_whatportis      # Search default port number
+    install_objectwalker    # Python module to explore the object tree to extract paths to interesting objects in memory
 }
 
 function package_misc_configure() {

diff --git a/sources/install/package_reverse.sh b/sources/install/package_reverse.sh
@@ -54,7 +54,13 @@ function install_angr() {
 
 function install_checksec-py() {
     colorecho "Installing checksec.py"
-    python3 -m pipx install checksec.py
+    git -C /opt/tools/ clone --depth=1 https://github.com/Wenzel/checksec.py.git
+    cd /opt/tools/checksec.py
+    python3 -m venv ./venv
+    ./venv/bin/python3 -m pip install .
+    ./venv/bin/python3 -m pip install --upgrade lief
+    add-aliases checksec
+    add-history checksec
     add-test-command "checksec --help"
     add-to-list "checksec-py,https://github.com/Wenzel/checksec.py,Python wrapper script for checksec.sh from paX."
 }

diff --git a/sources/install/package_web.sh b/sources/install/package_web.sh
@@ -182,12 +182,14 @@ function install_joomscan(){
 function install_wpscan(){
     colorecho "Installing wpscan"
     # TODO : Check if deps are already installed
-    fapt procps ruby-dev apt-transport-https ca-certificates gnupg2
-    curl -sSL https://rvm.io/pkuczynski.asc | gpg2 --import -
-    curl -sSL https://get.rvm.io | bash -s stable --ruby
+    # fapt procps ruby-dev apt-transport-https ca-certificates gnupg2
+    # RVM conflits with default ruby env
+
+    #curl -sSL https://rvm.io/pkuczynski.asc | gpg2 --import -
+    #curl -sSL https://get.rvm.io | bash -s stable --ruby
     # TODO : gem venv
-    gem install nokogiri -v 1.11.4 # use this version to resolve the conflict with cewl
-    gem install wpscan
+    # gem install nokogiri -v 1.11.4 # use this version to resolve the conflict with cewl
+    # gem install wpscan
     add-history wpscan
     add-test-command "wpscan --help"
     add-to-list "wpscan,https://github.com/wpscanteam/wpscan,A tool to enumerate WordPress-based websites"
@@ -399,7 +401,7 @@ function install_gittools() {
 function install_ysoserial() {
     colorecho "Installing ysoserial"
     mkdir /opt/tools/ysoserial/
-    wget -O /opt/tools/ysoserial/ysoserial.jar "https://jitpack.io/com/github/frohoff/ysoserial/master-SNAPSHOT/ysoserial-master-SNAPSHOT.jar"
+    wget -O /opt/tools/ysoserial/ysoserial.jar "https://github.com/frohoff/ysoserial/releases/latest/download/ysoserial-all.jar"
     add-aliases ysoserial
     add-test-command "ysoserial --help|& grep 'spring-core:4.1.4.RELEASE'"
     add-to-list "ysoserial,https://github.com/frohoff/ysoserial,A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization."
@@ -645,7 +647,7 @@ function package_web() {
     install_fuxploider              # File upload scanner
     # install_patator               # Login scanner # FIXME
     install_joomscan                # Joomla scanner
-    install_wpscan                  # Wordpress scanner
+    #install_wpscan                 # Wordpress scanner # FIXME
     install_droopescan              # Drupal scanner
     install_drupwn                  # Drupal scanner
     install_cmsmap                  # CMS scanner (Joomla, Wordpress, Drupal)